Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)

A Google App Script that adds notification reminders for the previous day when you have early events

😱 Falsehoods Programmers Believe in

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Replace all homoglyphs with base characters. Useful to detect similar strings.

How to wait for container X before starting Y using docker-compose healthcheck

Capture your screen to a GIF in your browser

Seamless integration of tox into GitHub Actions for tox 3 and 4

Your self-hosted, globally interconnected microblogging community

OWASP Foundation Web Respository

A bot tool to disable and re-enable "Include administrators" option in branch protection

Automatically commit and push changed files back to GitHub with this GitHub Action for the 80% use case.

Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.

Two Factor Authentication Java code implementing the Time-based One-time Password Algorithm

⚡ Dynamically generated stats for your github readmes

Testcontainers is a Java library that supports JUnit tests, providing lightweight, throwaway instances of common databases, Selenium web browsers, or anything else that can run in a Docker container.

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only

Automatic SSRF fuzzer and exploitation tool

Netty project - an event-driven asynchronous network application framework

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.

Debug your GitHub Actions via SSH by using tmate to get access to the runner system itself.

JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.

XSS payloads designed to turn alert(1) into P1

A proposed standard that allows websites to define security policies.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Awesome XSS stuff

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.